urlscan.io logo urlscan.io
SecurityTrails logo

cdn.novhorod002.com Open in urlscan Pro
194.9.91.8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://notification.tubecup.net/in/click/?mid=1817198751&pid=270&site=tcpublisher&sc=RU&usage_type=ISP&subid=732441129&sid=30159...
Effective URL: https://cdn.novhorod002.com/
Submission: On April 11 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 11 domains to perform 40 HTTP transactions. The main IP is 194.9.91.8, located in Ukraine and belongs to AUDEVIE, UA. The main domain is cdn.novhorod002.com.
TLS certificate: Issued by R3 on February 27th 2022. Valid for: 3 months.
This is the only time cdn.novhorod002.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 159.69.161.138 24940 (HETZNER-AS)
4 168.119.200.196 24940 (HETZNER-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 9 2a02:6b8::1:119 208722 (YNDX)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 1 109.206.168.17 50245 (SERVEREL-AS)
2 185.98.54.150 39572 (ADVANCEDH...)
1 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 194.9.91.8 210986 (AUDEVIE)
1 108.157.4.107 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
40 13
1    159.69.161.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.161.69.159.clients.your-server.de
notification.tubecup.net
4    168.119.200.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.200.119.168.clients.your-server.de
richshredinger.com
4    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
4    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)
6.adsco.re
6    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
4.adsco.re
adsco.re
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
vbsrz1i5ptkf.l4.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
vbsrz1i5ptkf.n4.adsco.re
1    109.206.168.17 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.168.17.serverel.net
redri.net
2    185.98.54.150 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.viiadr.com
3    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
ipsos.pro
api.dextra-pm.com
4    194.9.91.8 (Ukraine)

ASN210986 (AUDEVIE, UA)
cdn.novhorod002.com
1    108.157.4.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-107.dus51.r.cloudfront.net
cdn.dextra-pm.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
16 adsco.re
c.adsco.re — Cisco Umbrella Rank: 17959
6.adsco.re — Cisco Umbrella Rank: 18482
4.adsco.re — Cisco Umbrella Rank: 20507
adsco.re — Cisco Umbrella Rank: 15639
vbsrz1i5ptkf.l4.adsco.re
vbsrz1i5ptkf.n4.adsco.re
vbsrz1i5ptkf.s4.adsco.re Failed
72 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9032
2 KB
4 novhorod002.com
cdn.novhorod002.com
138 KB
4 richshredinger.com
richshredinger.com — Cisco Umbrella Rank: 23286
4 KB
3 dextra-pm.com
cdn.dextra-pm.com
api.dextra-pm.com
2 KB
2 viiadr.com
s.viiadr.com — Cisco Umbrella Rank: 8505
29 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2877
70 KB
1 gstatic.com
fonts.gstatic.com
12 KB
1 ipsos.pro
ipsos.pro
661 B
1 redri.net
redri.net — Cisco Umbrella Rank: 256057
902 B
1 tubecup.net
notification.tubecup.net — Cisco Umbrella Rank: 7850
275 B
40 11
Domain Requested by
7 mc.yandex.com 2 redirects richshredinger.com
mc.yandex.ru
4 cdn.novhorod002.com cdn.novhorod002.com
4 4.adsco.re richshredinger.com
c.adsco.re
4 6.adsco.re richshredinger.com
c.adsco.re
4 c.adsco.re richshredinger.com
c.adsco.re
4 richshredinger.com richshredinger.com
2 api.dextra-pm.com cdn.novhorod002.com
2 s.viiadr.com richshredinger.com
s.viiadr.com
2 adsco.re c.adsco.re
2 mc.yandex.ru 1 redirects richshredinger.com
1 fonts.gstatic.com cdn.novhorod002.com
1 cdn.dextra-pm.com cdn.novhorod002.com
1 ipsos.pro 1 redirects
1 redri.net 1 redirects
1 vbsrz1i5ptkf.n4.adsco.re c.adsco.re
1 vbsrz1i5ptkf.l4.adsco.re c.adsco.re
1 notification.tubecup.net 1 redirects
0 vbsrz1i5ptkf.s4.adsco.re Failed c.adsco.re
40 18

This site contains no links.

Subject Issuer Validity Valid
dsp.wpu.sh
R3		 2022-03-16 -
2022-06-14		 3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2021-09-06 -
2022-09-28		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.l4.adsco.re
R3		 2022-03-19 -
2022-06-17		 3 months crt.sh
*.n4.adsco.re
R3		 2022-03-19 -
2022-06-17		 3 months crt.sh
viiadr.com
R3		 2022-02-13 -
2022-05-14		 3 months crt.sh
cdn.novhorod002.com
R3		 2022-02-27 -
2022-05-28		 3 months crt.sh
cdn.dextra-pm.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-12 -
2022-08-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://cdn.novhorod002.com/
Frame ID: CD282FE5CCEBAA46438DBB56B289F587
Requests: 44 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 3E116501E5D02A68231D10EBA33EA4BC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HD Streaming - 720p - Unlimited Downloads

Page URL History Show full URLs

  1. https://notification.tubecup.net/in/click/?mid=1817198751&pid=270&site=tcpublisher&sc=RU&usage_type=ISP&subid... HTTP 302
    https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click Page URL
  2. https://redri.net/b2/l/c/redir?cid=1&eid=133&n=5752dfc6f5f404fe1dc677dd&nid=1&sid=qKjZElwetBLK... HTTP 302
    https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3... Page URL
  3. https://ipsos.pro/kph3nv HTTP 302
    https://cdn.novhorod002.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

40
Requests

85 %
HTTPS

36 %
IPv6

11
Domains

18
Subdomains

13
IPs

6
Countries

328 kB
Transfer

670 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://notification.tubecup.net/in/click/?mid=1817198751&pid=270&site=tcpublisher&sc=RU&usage_type=ISP&subid=732441129&sid=3015944653&cid=12164&price=0.0020211730000000002&is_cpm=0&cpm=0&ecpm=0.006604399699999999&crid=&crtid=12946e53455360ddf2d6421de999935e&tcid=3393&out_id=0&ver=1.9.32&ver_c=1.9.32&refdom=pornomotor.info&hostname=lb-hz-37&site_id=303393&spot_id=0&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-03-14&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=&testab=&px_id=303393&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=&min_cpm=&verify_hash=a09f7c7e1e00db56c2f3c40a133c3ceb&url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&real_bid=&skin_id=&vertical_id=&pr=&user_keywords=&auc_type=&ua_mismatch=&ip_mismatch=&carrier=&geo=&aid=340&ext_cid=0&event_timestamp=1649702320361 HTTP 302
    https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click Page URL
  2. https://redri.net/b2/l/c/redir?cid=1&eid=133&n=5752dfc6f5f404fe1dc677dd&nid=1&sid=qKjZElwetBLK6HzxaVqi4woxlhwIKKmFhpfs32SPdVVyL%2FrJSKHCydRl1UURwkFxAT8HFBtK3VHYT7Np1hmu%2BuIyrmMyozp8Lw2LHPd431ztCegAzn8I%2FmmMINifDQevmumq%2BoswrubRofvH%2By6UqGoCb5kFCbayGdy84G9RBICFAz9RwEriaijddR57u2tUugcd9XAp2YxLOhK80YeXUPvZPguwbCZofFJT93SjUSCUiA139doXx5m0Tmr%2Fnc2BqOEvDCgRrQxsr6H5VvEzU9uyyGl%2FzEa19%2BbREA195Drep2%2B4UP2bRqHQ1c0Mrrw%2Bf475TanJl2ReyDG8XsV7jftzu4W4jQo7%2FE9rAfxKGoPr2SNYX57z5dzlJYjW4KnTwzg95ppWp2BJbJx%2FyIdaaLLub5gzBehUIK0M7IHqd62zFARWrErHQLkbpZXtj8exY1jMP8lKkbgSaa8kMZ2uVnn%2F69dmuDN%2FRExfu4iSrNgwEAdwZKJ7QQ7cCF83A1DJ5EZtQtX8nYTNpDRabSJNwxGF%2FvkPgB4K9LAOY3tcDSljatUgMuoi8SHXx06PBoKndiLfaZ6ycodkZtiwUQGtBJc%2B8%2BGlmwzox0puKSb1LFmZ6XsTs6acGP47PJPriGcOO25oXT5gXQY8lvOmLBG%2BbinjkqLsvmwF3C7skcYfS62jlk3w4fvLGDt%2FQpr8tu1kYZBIwWuTnn8XZFKftmXbyy8QuZw6oVkLpmL0nF%2BWY3k7mS3oOtXVQUTP34Tej8K%2BFyElf6hqt8meGVVt35PHUTcdEr3InJFVPOWoz%2B6uM5meh25Pjp6iUQ9zHRq0dPa%2FnNS2kMco8A8mgHWaoKXuo9D8iaTjmSSNdDLrLDkDrv1hKzDPT4R8I6%2BZBb2F0R0mGmWyyIYMzCUJqMiR52LRp4YJh954RK99HORgSmbCtw0A%2F0aqbDxGw4zrEUyMXa8YuTuFHjp%2F77eqBx7DO4T7dAsBJKsPFyUe%2F2aK5zM40F2oW2uY7%2FeZhavzgV117ZrdHveGOJcMtVngBIySUMhl3cn3qGdBvTZ%2B8o29RwwvtKde6xa6z6DcOQNXVNpH8Rn3v3WPuP%2FeFSszWSc2WlduBgcCDg%2F1nIJPcrLxtVKd%2B7KuDA42R0P6vGRPffcjlJOrXNnHPNrfOMViRo6cqElPuYljHfzYE3rcFF4qQ5STCS9j%2Fv7C1F7Q58L7G5cfc7ca%2FVUPvxQaSukM1Z3bVbmOhMzYRN3DcPw33q9NJlKsaVmdjH%2FasaAjxiCRJn5PdrhTELgwC2XgAkaeB2IGFe%2Fe2WFf1UJBCcRbz8oQqt6sbZV73lZpEGnYqcJU3jMzS%2Fj3G7HHaZu2M0WOzCrnJp04RwmoMXJrPCPHd4LCPYpDKgYb6vpOAsrqK%2BdWmP6aZHhbD4QXg9UcLTkfDIOOT2Pqxx2q6r9cHb4ZD22n1qq%2BedcbIoh9KLPT7q6nAL8ZgVmLhg6R3vcueavo523YLky85ARRE7aJiN2zxUt%2FlzhjBFkGKmMcUsygOjKzolSx%2FPHqU9GdyHi6Od9biAvUhoVNEzG9vlb75IMZwSPdTGBxbBE38H28jyQz%2B14XmRj2SijQ%2FpllLVWg5wGacqXQIIQn%2Fc%2F3klwXHsTugcaLDuLcqVgnt15gFPOnM4RF4YwAJX1%2F2yCJT6yrthIfFSotRfD0CgjuP8jOCNcc5DnQjE22fVOh80iDlCPg%2F8%2FDuHvHAATN6Fwx1icBuL9p64bxpRjJi2BSCZCSXQGRQhKNMohEJUensDY4nQaO7%2BXnNjHtcl1xUWriXSifjJKSFm9YvNBe4Rf6faxkPOtVcJE41nKP9JI1uovKK1zoSpQgTcuHGo6g1PG0%2BtDYJFCvnc8XQhC8HS7e002iXzOa2Gnd%2B2hlgyxCrW5DscNJ7I5GZ6uyCrixP8gHrKwydjN33wXSBdLX%2Fwspf1Msl2%2BKMpnJQPMccEMNb%2BVER07OQDiR%2BJvhZt7owU%2F834cQD%2FtCsqm%2FQ6rMTtQWTK%2BO8BtsHYKpHOVzH0%2FMwDUK3ZSZ7F9JBcxhO59Fm%2F%2B01EeqwnphOqRqwd3nuYYevr9oiSVj8pg%2FOr0wFdjZkLJkAyA82PkV%2BmWg3J0l2qWu2yBsTlUW6KzzORkkbLp7lJX771anNM%2FwubUktpO9hPHC56Q%2BfOKlWntOnHrIaUU8QeIxG8dhgUmR4R6WUToX%2BDxbmiVqCa9xxaNUL74e58C%2ByyZp0xcIH3Fe3M2PeGFBMAkyCjmnhBSM4N8V10k9YLysO6QyE5c8mSMcXxnwpIYkQTgvnHqH6Bugi5lKCdFT1xNJfbC5wtWaWqTdFjgYK60n3SuVa3lv73Zq5sQtrSYm5tPeXnY0gOgPP2JFhOhVDixUj5oNWt58%2FV9P5DHuIZ%2Fd%2Bq7HeeyuzhAuh%2Fjs7TwLQZOVA%2BZ%2FRIUFTcMAPbYqFdYZ3YOUI291p%2B0%2Bih5vwId0xa%2Bxf7igZ3VL6X45YGnaMrykPHigs6qTjuG9KTVKpvNMIC%2Bp6uMgSho7JXXxJiaqSzMT5lhYiU95DLIXJOyD6D%2FJL5n9S9SxzGBH4YcgAHxXwLYZc1h0V6IZYAbh4XHv4mN81K1Hy0j8GmfCPj9NaucQBt6XA8ZozJNHj0KEg76PWxyY32D20awenUix%2FkOKU1wteH5azFaEUhe7ywe0yR5lXEGTGApn8BaqWGBoHp%2FnytXG%2FkIL%2FzHFTDBaywa6o7eCzk1uwkTXG%2BWtxVYYqrI%2BK6fT%2BBN%2F1PQ%2FSlwu6ef7JZRw451mOVYD2GNYEZpebv%2Fj7JjDrtBsIg2dxg6hZK6II5yoXbN9Mb0eUTmj4rZR9Zfvh7qkMPW%2BSfONeuBlrkPRevw2OubKoyve07HO7UvBVKla8KzmXYTXDJvoOZh%2FrQKEnMbAzY8elfrU4Cd9atP2jeClDihOEtBh%2F7mPwHSdQM%2F67LRNKwAIBoz2Y%2BnaNTMvZ7wX1apOG8kJOu%2FxIM6D98jh6jSaK7MkrA9EcfFio73%2F19l38N3jw2pVdnkFIlkbOQooNYGrPspTmqZ9Pmnc2s4oTEnTV89QScKgneRugHRTd6UkQDbprPMDOcXeEvBZY630x9%2FbdFC%2BswRlkUhEmz0t%2BYtmBPMHvE9wDl1PL%2B1tgX9V%2BFOfZGJR53D%2BcnXAYRGaxuq9Nu5jPfgQj%2Fc2mWv9gWE10WpaNPAtiLoK5QrzR5Ydg7SH1Ihf2ybugpdPcKjRAeA3qFoqHuKmi6xV11M6apuhuzNiU5BRu36ijMpWdlZntamfavrw7P%2Fc8HSS3sp6kX8Y7HwdlBK%2BwueKNWCsPWrkgeKxWtQ6&ts=1649702477&ttl=172800&v=v5.2.0.1 HTTP 302
    https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7qv7asjkocmnk4zlkcu7d2kbzesf3gfoewtdcxtrfpifcjjuouvoq52r3m5nukgvuxajrk7hu7lf4vhdfjkcnncifevl2k5secy3cbj6v4blfpr4vmykmnvvq662razqx27cwiizfzc7wq5vsfg4tnf4vcwckbizctvjyh2tezskryt3vlccizlgvdj2k3xzx7vcqhhawx24yqfe5yus3nguqbddlqyh3u5vukjnwtkiaxfv4b2hi57xzphpabyrbyyysmiwxsudidrtwgw36ljjwo7dyavuu6mtcbb4f6b3cpj7fom2nmyycrnhk2lblb3fptxsvk6vy3gnmeuynjh3fgkg4yhn55fonvgyliyai7ciorvspbg4ydtopmlahty4x37mg6ecqi7jw2yerkn5du6ne32d52tk3jryfksue5jxbf5nqjrmfa6cuki4etgmnc47hm24h3msloby=?u=https%3A%2F%2Fipsos.pro%2Fkph3nv Page URL
  3. https://ipsos.pro/kph3nv HTTP 302
    https://cdn.novhorod002.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://notification.tubecup.net/in/click/?mid=1817198751&pid=270&site=tcpublisher&sc=RU&usage_type=ISP&subid=732441129&sid=3015944653&cid=12164&price=0.0020211730000000002&is_cpm=0&cpm=0&ecpm=0.006604399699999999&crid=&crtid=12946e53455360ddf2d6421de999935e&tcid=3393&out_id=0&ver=1.9.32&ver_c=1.9.32&refdom=pornomotor.info&hostname=lb-hz-37&site_id=303393&spot_id=0&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-03-14&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=&testab=&px_id=303393&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=&min_cpm=&verify_hash=a09f7c7e1e00db56c2f3c40a133c3ceb&url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&real_bid=&skin_id=&vertical_id=&pr=&user_keywords=&auc_type=&ua_mismatch=&ip_mismatch=&carrier=&geo=&aid=340&ext_cid=0&event_timestamp=1649702320361 HTTP 302
  • https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Request Chain 20
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9605.14yXz2E-19yoQ3IXsuOrPeu0RyzShDRI16fh5Ayn5XYJ1NuOl5Sef6fSm5dXsbnd.uHpjLrzPL8wobu9dEOp41UexaYI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9605.dMBA_HcmOD1AxfPJloOuKeFOa10YHrAwCQjK3hcAPTKzFOssLtsdWPxvJJi-qvPio6XeQGfzelwHCXQluJJqDA%2C%2C.RM_jhCIu6UeX6YjVtd7BuauPSfc%2C
Request Chain 24
  • https://mc.yandex.com/watch/86761068?wmode=7&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A1612627988726%3Ahid%3A957415106%3Az%3A0%3Ai%3A20220411184703%3Aet%3A1649702824%3Ac%3A1%3Arn%3A626964549%3Arqn%3A1%3Au%3A1649702824818084441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649702823353%3Ads%3A6%2C21%2C81%2C1%2C54%2C0%2C%2C22%2C0%2C%2C%2C%2C392%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649702824%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/86761068/1?wmode=7&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A1612627988726%3Ahid%3A957415106%3Az%3A0%3Ai%3A20220411184703%3Aet%3A1649702824%3Ac%3A1%3Arn%3A626964549%3Arqn%3A1%3Au%3A1649702824818084441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649702823353%3Ads%3A6%2C21%2C81%2C1%2C54%2C0%2C%2C22%2C0%2C%2C%2C%2C392%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649702824%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 27
  • https://redri.net/b2/l/c/redir?cid=1&eid=133&n=5752dfc6f5f404fe1dc677dd&nid=1&sid=qKjZElwetBLK6HzxaVqi4woxlhwIKKmFhpfs32SPdVVyL%2FrJSKHCydRl1UURwkFxAT8HFBtK3VHYT7Np1hmu%2BuIyrmMyozp8Lw2LHPd431ztCegAzn8I%2FmmMINifDQevmumq%2BoswrubRofvH%2By6UqGoCb5kFCbayGdy84G9RBICFAz9RwEriaijddR57u2tUugcd9XAp2YxLOhK80YeXUPvZPguwbCZofFJT93SjUSCUiA139doXx5m0Tmr%2Fnc2BqOEvDCgRrQxsr6H5VvEzU9uyyGl%2FzEa19%2BbREA195Drep2%2B4UP2bRqHQ1c0Mrrw%2Bf475TanJl2ReyDG8XsV7jftzu4W4jQo7%2FE9rAfxKGoPr2SNYX57z5dzlJYjW4KnTwzg95ppWp2BJbJx%2FyIdaaLLub5gzBehUIK0M7IHqd62zFARWrErHQLkbpZXtj8exY1jMP8lKkbgSaa8kMZ2uVnn%2F69dmuDN%2FRExfu4iSrNgwEAdwZKJ7QQ7cCF83A1DJ5EZtQtX8nYTNpDRabSJNwxGF%2FvkPgB4K9LAOY3tcDSljatUgMuoi8SHXx06PBoKndiLfaZ6ycodkZtiwUQGtBJc%2B8%2BGlmwzox0puKSb1LFmZ6XsTs6acGP47PJPriGcOO25oXT5gXQY8lvOmLBG%2BbinjkqLsvmwF3C7skcYfS62jlk3w4fvLGDt%2FQpr8tu1kYZBIwWuTnn8XZFKftmXbyy8QuZw6oVkLpmL0nF%2BWY3k7mS3oOtXVQUTP34Tej8K%2BFyElf6hqt8meGVVt35PHUTcdEr3InJFVPOWoz%2B6uM5meh25Pjp6iUQ9zHRq0dPa%2FnNS2kMco8A8mgHWaoKXuo9D8iaTjmSSNdDLrLDkDrv1hKzDPT4R8I6%2BZBb2F0R0mGmWyyIYMzCUJqMiR52LRp4YJh954RK99HORgSmbCtw0A%2F0aqbDxGw4zrEUyMXa8YuTuFHjp%2F77eqBx7DO4T7dAsBJKsPFyUe%2F2aK5zM40F2oW2uY7%2FeZhavzgV117ZrdHveGOJcMtVngBIySUMhl3cn3qGdBvTZ%2B8o29RwwvtKde6xa6z6DcOQNXVNpH8Rn3v3WPuP%2FeFSszWSc2WlduBgcCDg%2F1nIJPcrLxtVKd%2B7KuDA42R0P6vGRPffcjlJOrXNnHPNrfOMViRo6cqElPuYljHfzYE3rcFF4qQ5STCS9j%2Fv7C1F7Q58L7G5cfc7ca%2FVUPvxQaSukM1Z3bVbmOhMzYRN3DcPw33q9NJlKsaVmdjH%2FasaAjxiCRJn5PdrhTELgwC2XgAkaeB2IGFe%2Fe2WFf1UJBCcRbz8oQqt6sbZV73lZpEGnYqcJU3jMzS%2Fj3G7HHaZu2M0WOzCrnJp04RwmoMXJrPCPHd4LCPYpDKgYb6vpOAsrqK%2BdWmP6aZHhbD4QXg9UcLTkfDIOOT2Pqxx2q6r9cHb4ZD22n1qq%2BedcbIoh9KLPT7q6nAL8ZgVmLhg6R3vcueavo523YLky85ARRE7aJiN2zxUt%2FlzhjBFkGKmMcUsygOjKzolSx%2FPHqU9GdyHi6Od9biAvUhoVNEzG9vlb75IMZwSPdTGBxbBE38H28jyQz%2B14XmRj2SijQ%2FpllLVWg5wGacqXQIIQn%2Fc%2F3klwXHsTugcaLDuLcqVgnt15gFPOnM4RF4YwAJX1%2F2yCJT6yrthIfFSotRfD0CgjuP8jOCNcc5DnQjE22fVOh80iDlCPg%2F8%2FDuHvHAATN6Fwx1icBuL9p64bxpRjJi2BSCZCSXQGRQhKNMohEJUensDY4nQaO7%2BXnNjHtcl1xUWriXSifjJKSFm9YvNBe4Rf6faxkPOtVcJE41nKP9JI1uovKK1zoSpQgTcuHGo6g1PG0%2BtDYJFCvnc8XQhC8HS7e002iXzOa2Gnd%2B2hlgyxCrW5DscNJ7I5GZ6uyCrixP8gHrKwydjN33wXSBdLX%2Fwspf1Msl2%2BKMpnJQPMccEMNb%2BVER07OQDiR%2BJvhZt7owU%2F834cQD%2FtCsqm%2FQ6rMTtQWTK%2BO8BtsHYKpHOVzH0%2FMwDUK3ZSZ7F9JBcxhO59Fm%2F%2B01EeqwnphOqRqwd3nuYYevr9oiSVj8pg%2FOr0wFdjZkLJkAyA82PkV%2BmWg3J0l2qWu2yBsTlUW6KzzORkkbLp7lJX771anNM%2FwubUktpO9hPHC56Q%2BfOKlWntOnHrIaUU8QeIxG8dhgUmR4R6WUToX%2BDxbmiVqCa9xxaNUL74e58C%2ByyZp0xcIH3Fe3M2PeGFBMAkyCjmnhBSM4N8V10k9YLysO6QyE5c8mSMcXxnwpIYkQTgvnHqH6Bugi5lKCdFT1xNJfbC5wtWaWqTdFjgYK60n3SuVa3lv73Zq5sQtrSYm5tPeXnY0gOgPP2JFhOhVDixUj5oNWt58%2FV9P5DHuIZ%2Fd%2Bq7HeeyuzhAuh%2Fjs7TwLQZOVA%2BZ%2FRIUFTcMAPbYqFdYZ3YOUI291p%2B0%2Bih5vwId0xa%2Bxf7igZ3VL6X45YGnaMrykPHigs6qTjuG9KTVKpvNMIC%2Bp6uMgSho7JXXxJiaqSzMT5lhYiU95DLIXJOyD6D%2FJL5n9S9SxzGBH4YcgAHxXwLYZc1h0V6IZYAbh4XHv4mN81K1Hy0j8GmfCPj9NaucQBt6XA8ZozJNHj0KEg76PWxyY32D20awenUix%2FkOKU1wteH5azFaEUhe7ywe0yR5lXEGTGApn8BaqWGBoHp%2FnytXG%2FkIL%2FzHFTDBaywa6o7eCzk1uwkTXG%2BWtxVYYqrI%2BK6fT%2BBN%2F1PQ%2FSlwu6ef7JZRw451mOVYD2GNYEZpebv%2Fj7JjDrtBsIg2dxg6hZK6II5yoXbN9Mb0eUTmj4rZR9Zfvh7qkMPW%2BSfONeuBlrkPRevw2OubKoyve07HO7UvBVKla8KzmXYTXDJvoOZh%2FrQKEnMbAzY8elfrU4Cd9atP2jeClDihOEtBh%2F7mPwHSdQM%2F67LRNKwAIBoz2Y%2BnaNTMvZ7wX1apOG8kJOu%2FxIM6D98jh6jSaK7MkrA9EcfFio73%2F19l38N3jw2pVdnkFIlkbOQooNYGrPspTmqZ9Pmnc2s4oTEnTV89QScKgneRugHRTd6UkQDbprPMDOcXeEvBZY630x9%2FbdFC%2BswRlkUhEmz0t%2BYtmBPMHvE9wDl1PL%2B1tgX9V%2BFOfZGJR53D%2BcnXAYRGaxuq9Nu5jPfgQj%2Fc2mWv9gWE10WpaNPAtiLoK5QrzR5Ydg7SH1Ihf2ybugpdPcKjRAeA3qFoqHuKmi6xV11M6apuhuzNiU5BRu36ijMpWdlZntamfavrw7P%2Fc8HSS3sp6kX8Y7HwdlBK%2BwueKNWCsPWrkgeKxWtQ6&ts=1649702477&ttl=172800&v=v5.2.0.1 HTTP 302
  • https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7qv7asjkocmnk4zlkcu7d2kbzesf3gfoewtdcxtrfpifcjjuouvoq52r3m5nukgvuxajrk7hu7lf4vhdfjkcnncifevl2k5secy3cbj6v4blfpr4vmykmnvvq662razqx27cwiizfzc7wq5vsfg4tnf4vcwckbizctvjyh2tezskryt3vlccizlgvdj2k3xzx7vcqhhawx24yqfe5yus3nguqbddlqyh3u5vukjnwtkiaxfv4b2hi57xzphpabyrbyyysmiwxsudidrtwgw36ljjwo7dyavuu6mtcbb4f6b3cpj7fom2nmyycrnhk2lblb3fptxsvk6vy3gnmeuynjh3fgkg4yhn55fonvgyliyai7ciorvspbg4ydtopmlahty4x37mg6ecqi7jw2yerkn5du6ne32d52tk3jryfksue5jxbf5nqjrmfa6cuki4etgmnc47hm24h3msloby=?u=https%3A%2F%2Fipsos.pro%2Fkph3nv

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
richshredinger.com/event/
Redirect Chain
  • https://notification.tubecup.net/in/click/?mid=1817198751&pid=270&site=tcpublisher&sc=RU&usage_type=ISP&subid=732441129&sid=3015944653&cid=12164&price=0.0020211730000000002&is_cpm=0&cpm=0&ecpm=0.00...
  • https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.200.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.200.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
02e963f4f70f340ef68928113390159bb401f704da776f339f6d04b57d04ad2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Mon, 11 Apr 2022 18:47:03 GMT
expires
0
pragma
no-cache
server
nginx/1.18.0

Redirect headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-length
0
date
Mon, 11 Apr 2022 18:47:03 GMT
location
https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
pragma
no-cache
server
nginx/1.18.0
vary
Origin
/
c.adsco.re/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1112804
etag
W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6fa5e3773dc25b32-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 12 May 2022 18:47:03 GMT
tag.js
mc.yandex.ru/metrika/ 		202 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6676403d614657aab51e4807503d9f0de6723b08c4e404e109f1375b891117be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 12:19:16 GMT
etag
"6253f294-11414"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70676
expires
Mon, 11 Apr 2022 19:47:03 GMT
/
6.adsco.re/ 		0
399 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6fa5e37758a98ff5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/ 		0
440 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 18:47:03 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
c.adsco.re/ 		0
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1112804
etag
W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6fa5e3773dca5b32-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 12 May 2022 18:47:03 GMT
iframe
richshredinger.com/gmetrics/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://richshredinger.com/gmetrics/iframe?sessionId=1706804401505239811&id=16015818594445612646
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.200.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.200.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-length
0
server
nginx/1.18.0
nojs
richshredinger.com/gmetrics/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://richshredinger.com/gmetrics/nojs?sessionId=1706804401505239811&id=16015818594445612646
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.200.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.200.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-length
0
server
nginx/1.18.0
/
6.adsco.re/ 		0
417 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://richshredinger.com/
Origin
https://richshredinger.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://richshredinger.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6fa5e37798fd9019-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/ 		0
465 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://richshredinger.com/
Origin
https://richshredinger.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 18:47:03 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://richshredinger.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/ 		0
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://richshredinger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 11 Apr 2022 18:47:03 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK lon123
Access-Control-Allow-Origin
https://richshredinger.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/ 		48 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
d7363b7b1c8681054f6f068da2f15440a7841bc9a8af70c3e22abc41231ed642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 18:47:03 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://richshredinger.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ 		53 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5cdad9263edfdae32ad4dbe82bff533f444b63fc642d92b7bde533ed7c3db4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://richshredinger.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6fa5e377a9159019-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
vbsrz1i5ptkf.l4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vbsrz1i5ptkf.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://richshredinger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 11 Apr 2022 18:47:03 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
vbsrz1i5ptkf.n4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vbsrz1i5ptkf.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://richshredinger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 11 Apr 2022 18:47:03 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
vbsrz1i5ptkf.s4.adsco.re/ 		0
0
/
c.adsco.re/ Frame 3E11 		63 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

Referer
https://richshredinger.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1112804
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
6fa5e377ced85b32-FRA
content-encoding
br
content-type
text/html
date
Mon, 11 Apr 2022 18:47:03 GMT
etag
W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 12 May 2022 18:47:03 GMT
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
server
cloudflare
vary
Accept-Encoding
/
6.adsco.re/ Frame 3E11 		0
375 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6fa5e3787f3f995d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/ Frame 3E11 		0
457 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 18:47:03 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
c.adsco.re/ Frame 3E11 		31 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1112802
etag
W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6fa5e3788caf9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 12 May 2022 18:47:03 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9605.14yXz2E-19yoQ3IXsuOrPeu0RyzShDRI16fh5Ayn5XYJ1NuOl5Sef6fSm5dXsbnd.uHpjLrzPL8wobu9dEOp41UexaYI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9605.dMBA_HcmOD1AxfPJloOuKeFOa10YHrAwCQjK3hcAPTKzFOssLtsdWPxvJJi-qvPio6XeQGfzelwHCXQluJJqDA%2C%2C.RM_jhCIu6UeX6YjVtd7BuauPSfc%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9605.dMBA_HcmOD1AxfPJloOuKeFOa10YHrAwCQjK3hcAPTKzFOssLtsdWPxvJJi-qvPio6XeQGfzelwHCXQluJJqDA%2C%2C.RM_jhCIu6UeX6YjVtd7BuauPSfc%2C
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9605.dMBA_HcmOD1AxfPJloOuKeFOa10YHrAwCQjK3hcAPTKzFOssLtsdWPxvJJi-qvPio6XeQGfzelwHCXQluJJqDA%2C%2C.RM_jhCIu6UeX6YjVtd7BuauPSfc%2C
date
Mon, 11 Apr 2022 18:47:03 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:03 GMT
last-modified
Thu, 07 Apr 2022 11:31:59 GMT
etag
"624ea17f-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 11 Apr 2022 19:47:03 GMT
/
6.adsco.re/ Frame 3E11 		0
0
/
4.adsco.re/ Frame 3E11 		0
0
1
mc.yandex.com/watch/86761068/
Redirect Chain
  • https://mc.yandex.com/watch/86761068?wmode=7&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&charset=utf-8&bro...
  • https://mc.yandex.com/watch/86761068/1?wmode=7&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&charset=utf-8&b...
338 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/86761068/1?wmode=7&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A1612627988726%3Ahid%3A957415106%3Az%3A0%3Ai%3A20220411184703%3Aet%3A1649702824%3Ac%3A1%3Arn%3A626964549%3Arqn%3A1%3Au%3A1649702824818084441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649702823353%3Ads%3A6%2C21%2C81%2C1%2C54%2C0%2C%2C22%2C0%2C%2C%2C%2C392%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649702824%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
1d762f275def083e70c835ccbff38136da98fdae737572b59b0822e327e9be6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 18:47:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 11-Apr-2022 18:47:03 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://richshredinger.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Mon, 11-Apr-2022 18:47:03 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Apr 2022 18:47:03 GMT
last-modified
Mon, 11-Apr-2022 18:47:03 GMT
location
/watch/86761068/1?wmode=7&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A1612627988726%3Ahid%3A957415106%3Az%3A0%3Ai%3A20220411184703%3Aet%3A1649702824%3Ac%3A1%3Arn%3A626964549%3Arqn%3A1%3Au%3A1649702824818084441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649702823353%3Ads%3A6%2C21%2C81%2C1%2C54%2C0%2C%2C22%2C0%2C%2C%2C%2C392%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649702824%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://richshredinger.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 11-Apr-2022 18:47:03 GMT
p
adsco.re/ 		259 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
5e0f5447da0376f0102a5d803d7d08816d59687932e64ac9f67ab9119a6aaa03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

AS-P-G
OK
Date
Mon, 11 Apr 2022 18:47:04 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon123
Access-Control-Allow-Origin
https://richshredinger.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
emulator
richshredinger.com/gmetrics/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://richshredinger.com/gmetrics/emulator?sessionId=1706804401505239811&id=16015818594445612646&emulator=BAoAYlR3qAFiVHeogAGBAcAAIKDcK4qgUEf9SPolYScEBDxlktSPB_TJw20Fx-_6DdNfwQAgENjfSdSuCp0uzKCaCEr6_4EyFtA5JrkCFeG_30_V1knCACCtbPFXcwF5rmEFkb43adhnXjbmuqNNMv5VwnvYnjdjesQAECoDGyAABvARAAAAAAAAAG7FABA-17P7CoUeaJVJVXE1J-ukwwAgO9w7AKT_eK8xuZ3-m6uEO5zJqyuhJk75FBe24ApJSB4
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.200.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.200.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:04 GMT
server
nginx/1.18.0
nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7q...
s.viiadr.com/h/559/
Redirect Chain
  • https://redri.net/b2/l/c/redir?cid=1&eid=133&n=5752dfc6f5f404fe1dc677dd&nid=1&sid=qKjZElwetBLK6HzxaVqi4woxlhwIKKmFhpfs32SPdVVyL%2FrJSKHCydRl1UURwkFxAT8HFBtK3VHYT7Np1hmu%2BuIyrmMyozp8Lw2LHPd431ztCeg...
  • https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaq...
69 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7qv7asjkocmnk4zlkcu7d2kbzesf3gfoewtdcxtrfpifcjjuouvoq52r3m5nukgvuxajrk7hu7lf4vhdfjkcnncifevl2k5secy3cbj6v4blfpr4vmykmnvvq662razqx27cwiizfzc7wq5vsfg4tnf4vcwckbizctvjyh2tezskryt3vlccizlgvdj2k3xzx7vcqhhawx24yqfe5yus3nguqbddlqyh3u5vukjnwtkiaxfv4b2hi57xzphpabyrbyyysmiwxsudidrtwgw36ljjwo7dyavuu6mtcbb4f6b3cpj7fom2nmyycrnhk2lblb3fptxsvk6vy3gnmeuynjh3fgkg4yhn55fonvgyliyai7ciorvspbg4ydtopmlahty4x37mg6ecqi7jw2yerkn5du6ne32d52tk3jryfksue5jxbf5nqjrmfa6cuki4etgmnc47hm24h3msloby=?u=https%3A%2F%2Fipsos.pro%2Fkph3nv
Requested by
Host: richshredinger.com
URL: https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.98.54.150 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7c7a7253a3d0646255f3352aaa6660f46f435d00498f5159c13b6e77c810beac

Request headers

Referer
https://richshredinger.com/event/?id=16015818594445612646&cid=c5g&sid=a2&format=push&type=click
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Width, Viewport-Width, DPR, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 11 Apr 2022 18:47:04 GMT
server
nginx/1.19.0
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 11 Apr 2022 18:47:03 GMT
location
https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7qv7asjkocmnk4zlkcu7d2kbzesf3gfoewtdcxtrfpifcjjuouvoq52r3m5nukgvuxajrk7hu7lf4vhdfjkcnncifevl2k5secy3cbj6v4blfpr4vmykmnvvq662razqx27cwiizfzc7wq5vsfg4tnf4vcwckbizctvjyh2tezskryt3vlccizlgvdj2k3xzx7vcqhhawx24yqfe5yus3nguqbddlqyh3u5vukjnwtkiaxfv4b2hi57xzphpabyrbyyysmiwxsudidrtwgw36ljjwo7dyavuu6mtcbb4f6b3cpj7fom2nmyycrnhk2lblb3fptxsvk6vy3gnmeuynjh3fgkg4yhn55fonvgyliyai7ciorvspbg4ydtopmlahty4x37mg6ecqi7jw2yerkn5du6ne32d52tk3jryfksue5jxbf5nqjrmfa6cuki4etgmnc47hm24h3msloby=?u=https%3A%2F%2Fipsos.pro%2Fkph3nv
referrer-policy
no-referrer
server
dspclick-v3.7.9
86761068
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/86761068?wmode=0&wv-part=1&wv-hit=957415106&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&rn=70762914&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1649702824%3Aw%3A1600x1200%3Av%3A782%3Az%3A0%3Ai%3A20220411184704%3Au%3A1649702824818084441%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1649702824&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://richshredinger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 18:47:04 GMT
last-modified
Mon, 11-Apr-2022 18:47:04 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://richshredinger.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 11-Apr-2022 18:47:04 GMT
86761068
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/86761068?wmode=0&wv-part=1&wv-hit=957415106&page-url=https%3A%2F%2Frichshredinger.com%2Fevent%2F%3Fid%3D16015818594445612646%26cid%3Dc5g%26sid%3Da2%26format%3Dpush%26type%3Dclick&rn=199148628&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1649702824%3Aw%3A1600x1200%3Av%3A782%3Az%3A0%3Ai%3A20220411184704%3Au%3A1649702824818084441%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1649702824&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://richshredinger.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 18:47:04 GMT
last-modified
Mon, 11-Apr-2022 18:47:04 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://richshredinger.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 11-Apr-2022 18:47:04 GMT
Primary Request /
cdn.novhorod002.com/
Redirect Chain
  • https://ipsos.pro/kph3nv
  • https://cdn.novhorod002.com/
18 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.novhorod002.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.9.91.8 , Ukraine, ASN210986 (AUDEVIE, UA),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b0109876945daa9da520032d91accdad221c29ec5927f132fbde6fc06750ac7a

Request headers

Referer
https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7qv7asjkocmnk4zlkcu7d2kbzesf3gfoewtdcxtrfpifcjjuouvoq52r3m5nukgvuxajrk7hu7lf4vhdfjkcnncifevl2k5secy3cbj6v4blfpr4vmykmnvvq662razqx27cwiizfzc7wq5vsfg4tnf4vcwckbizctvjyh2tezskryt3vlccizlgvdj2k3xzx7vcqhhawx24yqfe5yus3nguqbddlqyh3u5vukjnwtkiaxfv4b2hi57xzphpabyrbyyysmiwxsudidrtwgw36ljjwo7dyavuu6mtcbb4f6b3cpj7fom2nmyycrnhk2lblb3fptxsvk6vy3gnmeuynjh3fgkg4yhn55fonvgyliyai7ciorvspbg4ydtopmlahty4x37mg6ecqi7jw2yerkn5du6ne32d52tk3jryfksue5jxbf5nqjrmfa6cuki4etgmnc47hm24h3msloby=?u=https%3A%2F%2Fipsos.pro%2Fkph3nv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 11 Apr 2022 18:47:04 GMT
etag
W/"6223cddf-4605"
last-modified
Sat, 05 Mar 2022 20:53:51 GMT
server
nginx/1.20.1

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
6fa5e37ccea98fc5-FRA
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 18:47:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
hpserver
hapee-partners-lb-2
hserver
9
location
https://cdn.novhorod002.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0H6Hu%2FLibh4NRA8y%2FC9LehwuesD%2Fz5JJt8s9%2Fl9d6Yfj6LaNScwMl7L0BdWtKBzdKYVmyZaEGjgB6ieFGQCgLKn9gQc3Wi8Ks31sX4WG9mkLFcvTsQniTgOKYUXu70PW7kRxrRE4OY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-be
bk_haproxy-ams/proxy9
x-powered-by
PHP/7.2.29
index
s.viiadr.com/cnt/api/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s.viiadr.com/cnt/api/index
Requested by
Host: s.viiadr.com
URL: https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7qv7asjkocmnk4zlkcu7d2kbzesf3gfoewtdcxtrfpifcjjuouvoq52r3m5nukgvuxajrk7hu7lf4vhdfjkcnncifevl2k5secy3cbj6v4blfpr4vmykmnvvq662razqx27cwiizfzc7wq5vsfg4tnf4vcwckbizctvjyh2tezskryt3vlccizlgvdj2k3xzx7vcqhhawx24yqfe5yus3nguqbddlqyh3u5vukjnwtkiaxfv4b2hi57xzphpabyrbyyysmiwxsudidrtwgw36ljjwo7dyavuu6mtcbb4f6b3cpj7fom2nmyycrnhk2lblb3fptxsvk6vy3gnmeuynjh3fgkg4yhn55fonvgyliyai7ciorvspbg4ydtopmlahty4x37mg6ecqi7jw2yerkn5du6ne32d52tk3jryfksue5jxbf5nqjrmfa6cuki4etgmnc47hm24h3msloby=?u=https%3A%2F%2Fipsos.pro%2Fkph3nv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.98.54.150 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 / PHP/7.2.24-0ubuntu0.18.04.4
Resource Hash

Request headers

Referer
https://s.viiadr.com/h/559/nonhsxg2qfnht2mfq7wwi4fdq6nj5thyqvkgossribafyeqhafvgfg5dtlzvmebszi46m3m2k7wlizxapgl5coxrncznnt6l2hv7fpig6bedr2sxqnkicul4xrj6lvm5s5i36sv4zsgpcvnyjo5j5c46jtyve6pukazog2zqaqnpwy2owvlfeocjfhbfizvtmnn7qv7asjkocmnk4zlkcu7d2kbzesf3gfoewtdcxtrfpifcjjuouvoq52r3m5nukgvuxajrk7hu7lf4vhdfjkcnncifevl2k5secy3cbj6v4blfpr4vmykmnvvq662razqx27cwiizfzc7wq5vsfg4tnf4vcwckbizctvjyh2tezskryt3vlccizlgvdj2k3xzx7vcqhhawx24yqfe5yus3nguqbddlqyh3u5vukjnwtkiaxfv4b2hi57xzphpabyrbyyysmiwxsudidrtwgw36ljjwo7dyavuu6mtcbb4f6b3cpj7fom2nmyycrnhk2lblb3fptxsvk6vy3gnmeuynjh3fgkg4yhn55fonvgyliyai7ciorvspbg4ydtopmlahty4x37mg6ecqi7jw2yerkn5du6ne32d52tk3jryfksue5jxbf5nqjrmfa6cuki4etgmnc47hm24h3msloby=?u=https%3A%2F%2Fipsos.pro%2Fkph3nv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Apr 2022 18:47:04 GMT
content-encoding
gzip
server
nginx/1.19.0
x-powered-by
PHP/7.2.24-0ubuntu0.18.04.4
content-type
text/html; charset=UTF-8
style.css
cdn.novhorod002.com/ 		105 KB
105 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.novhorod002.com/style.css
Requested by
Host: cdn.novhorod002.com
URL: https://cdn.novhorod002.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.9.91.8 , Ukraine, ASN210986 (AUDEVIE, UA),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
9c2d5536d833146c64f34dec71a42d8b9d8d7d21d0350b53c6b15bfc699f4efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.novhorod002.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:04 GMT
last-modified
Sat, 05 Mar 2022 12:37:40 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"62235994-1a3bd"
content-length
107453
content-type
text/css
main.js
cdn.novhorod002.com/ 		680 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.novhorod002.com/main.js
Requested by
Host: cdn.novhorod002.com
URL: https://cdn.novhorod002.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.9.91.8 , Ukraine, ASN210986 (AUDEVIE, UA),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
039c8f503a85fcc9c6d49603cb0c5bfb46381f4970b9cfa6a4116015ec157f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.novhorod002.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:04 GMT
last-modified
Sat, 05 Mar 2022 12:37:40 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"62235994-2a8"
content-length
680
content-type
application/javascript
DextraWebPushSDK.js
cdn.novhorod002.com/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.novhorod002.com/DextraWebPushSDK.js
Requested by
Host: cdn.novhorod002.com
URL: https://cdn.novhorod002.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.9.91.8 , Ukraine, ASN210986 (AUDEVIE, UA),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f6b404021130cca258f7a4e0a8189791737a47f53900ea7faf7f5641b87ed26c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.novhorod002.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:04 GMT
last-modified
Sat, 05 Mar 2022 20:32:02 GMT
server
nginx/1.20.1
accept-ranges
bytes
etag
"6223c8c2-5387"
content-length
21383
content-type
application/javascript
ee1a6467-29cf-4374-9fb4-6be1812d4af2.json
cdn.dextra-pm.com/wp/config/ 		610 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.dextra-pm.com/wp/config/ee1a6467-29cf-4374-9fb4-6be1812d4af2.json
Requested by
Host: cdn.novhorod002.com
URL: https://cdn.novhorod002.com/DextraWebPushSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-107.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec551b87e8bb31657130dbac235197fe7d9cdb6320248af17c59d81a2afbdcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.novhorod002.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 18:47:05 GMT
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-length
610
last-modified
Thu, 10 Mar 2022 09:32:50 GMT
server
AmazonS3
etag
"f4314e2d1c847280a484f52fa9d7f3ad"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
https://cdn.novhorod002.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
612W5_-PMCfjJyK_KlUXcOj0d1gZNEiDvxzgtKgTKPgSW5viDp4RGA==
truncated
/ 		169 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4504fa43557994444822bbc430a5b9842bf408808e2c0e0a833b15d0deb2f1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		314 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45b5f0766369ad2ddd66ceea502abc80ffd069c309deec0714a53a5f043cb31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		319 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaf999deede21a0246ba9fb4f58899857775ab1cf885012792838ad2444f1892

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24935999366f9bb6b613a6f6b2d21f838cd082a1ae2b331c0bdfeeab559994db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5978dd203bc016df022fcc70de991b0b3868e05a2b9b2d415fd9fceea2ba7ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fe76cfeab77b5b7f2886f25ee8fb9a4e6138d47d936856bcf8653cfa84f1a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e787b130cc1c01765393806647ba41712b29071f7c30464eedd9e84e96158d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		55 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
305480a633db2482c730ff0564db989b53fad541e65bacf08409c15797121160

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3272f093836c594a91f0070d2b79bb61bdcceb6444c19c6d83d377d0440f6cb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f54363eda78fc468e0f9ba50402e754002de5ca1810c1ee887a2e8813d37be18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		101 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ccf0b8abb83d2e8ae4c8748030e9968f7efa3888600c82b51739b854b6b50e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97e3c55772aaf7e759c4b746a15fabbf759043795eaa9ce80ac8a01f7b48dcc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
TK3iWkUHHAIjg752GT8Dl-1PKw.ttf
fonts.gstatic.com/s/oswald/v16/ 		19 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8Dl-1PKw.ttf
Requested by
Host: cdn.novhorod002.com
URL: https://cdn.novhorod002.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8753bf6f2b315d0802662b179b2df96c5d3795389c4f7782f1bb0aea170b1e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.novhorod002.com/
Origin
https://cdn.novhorod002.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 20:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12148
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:18:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 20:54:19 GMT
DextraWebPushSDKWorker.js
cdn.novhorod002.com/ Frame 		0
0
permission-request
api.dextra-pm.com/api/webpush/ 		30 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dextra-pm.com/api/webpush/permission-request
Requested by
Host: cdn.novhorod002.com
URL: https://cdn.novhorod002.com/DextraWebPushSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e8dda0143183ba92b7b49a86b7064e807efe41087fc4203fc90505204a69de

Request headers

Referer
https://cdn.novhorod002.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Apr 2022 18:47:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUM7%2FQ%2FongYLy7TubxYTb7JahnqiGA4%2FFEB3JYi76%2FTeUnMYLkMdWt4g5vsFJ%2FwHiYEM9kE1JuQauVl%2Bb0oILJ1wbyWKXsIuXY18kDSYrVG5p%2FYUuL1hA95hk4s1APwe2bNkDl0Q4gzPdlwB1OTiVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://cdn.novhorod002.com
access-control-expose-headers
link
cache-control
no-cache, private
cf-ray
6fa5e38108b28fc5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
permission-request
api.dextra-pm.com/api/webpush/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.dextra-pm.com/api/webpush/permission-request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.novhorod002.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
content-type, authorization
access-control-allow-methods
POST, PUT, GET, DELETE
access-control-allow-origin
https://cdn.novhorod002.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
6fa5e37fbab19b94-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 18:47:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw9lPcGAkKVdZetLl9kPyN1TCoLMoIAVBOyOHR47%2F1R82bTAO9vVXnIYHAHpZdS6R31EBzkK0%2FHYBGKvwDUS0YDUDUS6Jteud5KYUU6FfyiJ9U%2FEvA4aVhlvZM4L9tLU3sH9WBa5vH0b2omBeYJOKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vbsrz1i5ptkf.s4.adsco.re
URL
https://vbsrz1i5ptkf.s4.adsco.re/
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
cdn.novhorod002.com
URL
https://cdn.novhorod002.com/DextraWebPushSDKWorker.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| DextraWebPush

14 Cookies

Domain/Path Name / Value
richshredinger.com/ Name: a
Value: 9FCHunHHJq9xfUBxE21toSTPLsfxr6Ti
.richshredinger.com/ Name: _ym_uid
Value: 1649702824818084441
.richshredinger.com/ Name: _ym_d
Value: 1649702824
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3137418934fake
.richshredinger.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4037818210fake
.yandex.com/ Name: yandexuid
Value: 3968773391649702823
.yandex.com/ Name: yuidss
Value: 3968773391649702823
mc.yandex.com/ Name: yabs-sid
Value: 496473621649702823
.yandex.com/ Name: i
Value: dmwMKqs6pdn88T3MlSlVNu06bd44+idE9n9iueHft3pKAklwfKL80Ob93pTYJGwwqU8BnHl/akyfquHkCqPlHkRFuNE=
.yandex.com/ Name: ymex
Value: 1681238823.yrts.1649702823#1681238823.yrtsi.1649702823
.richshredinger.com/ Name: _ym_visorc
Value: w
richshredinger.com/ Name: token_QkCGAAAAAAAA_hLfnAKxAK7wemwwz8EpXCqg9CA
Value: BAoAYlR3qAFiVHeogAGBAcAAIKDcK4qgUEf9SPolYScEBDxlktSPB_TJw20Fx-_6DdNfwQAgENjfSdSuCp0uzKCaCEr6_4EyFtA5JrkCFeG_30_V1knCACCtbPFXcwF5rmEFkb43adhnXjbmuqNNMv5VwnvYnjdjesQAECoDGyAABvARAAAAAAAAAG7FABA-17P7CoUeaJVJVXE1J-ukwwAgO9w7AKT_eK8xuZ3-m6uEO5zJqyuhJk75FBe24ApJSB4
redri.net/ Name: adcsid-c-3350124723WchHkabh
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9605.dMBA_HcmOD1AxfPJloOuKeFOa10YHrAwCQjK3hcAPTKzFOssLtsdWPxvJJi-qvPio6XeQGfzelwHCXQluJJqDA%2C%2C.RM_jhCIu6UeX6YjVtd7BuauPSfc%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other error URL: https://cdn.novhorod002.com/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
adsco.re
api.dextra-pm.com
c.adsco.re
cdn.dextra-pm.com
cdn.novhorod002.com
fonts.gstatic.com
ipsos.pro
mc.yandex.com
mc.yandex.ru
notification.tubecup.net
redri.net
richshredinger.com
s.viiadr.com
vbsrz1i5ptkf.l4.adsco.re
vbsrz1i5ptkf.n4.adsco.re
vbsrz1i5ptkf.s4.adsco.re
4.adsco.re
6.adsco.re
cdn.novhorod002.com
vbsrz1i5ptkf.s4.adsco.re
108.157.4.107
109.206.168.17
159.69.161.138
162.252.214.5
168.119.200.196
185.200.118.90
185.98.54.150
194.9.91.8
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2a00:1450:4001:80e::2003
2a02:6b8::1:119
2a06:98c1:3120::7
38.132.109.186
02e963f4f70f340ef68928113390159bb401f704da776f339f6d04b57d04ad2c
039c8f503a85fcc9c6d49603cb0c5bfb46381f4970b9cfa6a4116015ec157f56
11e8dda0143183ba92b7b49a86b7064e807efe41087fc4203fc90505204a69de
1d762f275def083e70c835ccbff38136da98fdae737572b59b0822e327e9be6d
24935999366f9bb6b613a6f6b2d21f838cd082a1ae2b331c0bdfeeab559994db
305480a633db2482c730ff0564db989b53fad541e65bacf08409c15797121160
3272f093836c594a91f0070d2b79bb61bdcceb6444c19c6d83d377d0440f6cb0
4504fa43557994444822bbc430a5b9842bf408808e2c0e0a833b15d0deb2f1e3
45b5f0766369ad2ddd66ceea502abc80ffd069c309deec0714a53a5f043cb31d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5978dd203bc016df022fcc70de991b0b3868e05a2b9b2d415fd9fceea2ba7ea9
5e0f5447da0376f0102a5d803d7d08816d59687932e64ac9f67ab9119a6aaa03
6676403d614657aab51e4807503d9f0de6723b08c4e404e109f1375b891117be
6ccf0b8abb83d2e8ae4c8748030e9968f7efa3888600c82b51739b854b6b50e5
7c7a7253a3d0646255f3352aaa6660f46f435d00498f5159c13b6e77c810beac
7fe76cfeab77b5b7f2886f25ee8fb9a4e6138d47d936856bcf8653cfa84f1a9e
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8753bf6f2b315d0802662b179b2df96c5d3795389c4f7782f1bb0aea170b1e55
97e3c55772aaf7e759c4b746a15fabbf759043795eaa9ce80ac8a01f7b48dcc7
9c2d5536d833146c64f34dec71a42d8b9d8d7d21d0350b53c6b15bfc699f4efe
b0109876945daa9da520032d91accdad221c29ec5927f132fbde6fc06750ac7a
d5cdad9263edfdae32ad4dbe82bff533f444b63fc642d92b7bde533ed7c3db4a
d7363b7b1c8681054f6f068da2f15440a7841bc9a8af70c3e22abc41231ed642
da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e787b130cc1c01765393806647ba41712b29071f7c30464eedd9e84e96158d72
eaf999deede21a0246ba9fb4f58899857775ab1cf885012792838ad2444f1892
eec551b87e8bb31657130dbac235197fe7d9cdb6320248af17c59d81a2afbdcc
f54363eda78fc468e0f9ba50402e754002de5ca1810c1ee887a2e8813d37be18
f6b404021130cca258f7a4e0a8189791737a47f53900ea7faf7f5641b87ed26c